Following on from another thread on this forum, discussing SP2 RC. SP2 is now RTM and is available to MSDN and TechNet subscribers (I'm MSDN). It's due to be publicly available on May 5th.

Using EAV BE x64 4.0.424, installing Vista SP2 RTM causes a BSOD during phase 3/3 of the service pack install. Rebooting causes the same. As such, my OS is hosed.

I'm not bothered, as I was planning to wipe and install Win 7 RC anyway, but I thought others should know.

So to confirm: Installing Vista SP2 x64 with EAV BE 4.0.424 installed, there's a strong chance you'll end up in a mess.

I'm sure ESET will be working on this; I just hope (for their reputation) that it's something which changed between RC and RTM, since RC has been available for testing a long time.



Jim

Hi .

Here in the forum there are users who have reported issues with Vista/2008's SP2 . However , are you sure that the BSOD has actually been caused by ESET NOD32 and not by something else ?

eamon.sys was listed as the faulting module on the blue screen.


Jim

Ok :thumb:

I'm sure the ESET guys will be "on the case", trying to get to the bottom of the cause. I can only assume that Microsoft changed something between RC and RTM that broke ESET, otherwise they'd have caught this when they tested with the RC.....if they did...


Jim

I been using Vista SP1 x64 with nod32 v4.0.424.0 and previous v4 releases without any serious problems. Now i uninstalled nod32, did a manual cleanup, installed SP2 and then reinstalled nod32. Windows works fine and no bluescreen, but nod32 doesn't work properly. After the installation everything worked just fine, but after a restart the realtime protection is disabled and i'm unable to enable the realtime protection again. Nod32 says that "a serious error occured while starting real-time file system protection". The logs contains an error as well where it says that "an error occured while starting proxy server" so http/pop3 scanning doesn't work either. Hopefully Eset is already working with the SP2 compatibility.

Thank God all is well here with no problems whatsoever. The install went fine, have restarted many times and no BSOD or disabled AV. :)

U guys running 4.0.424???

for what it's worth, I have EAV 4.0.424 on Vista x64, and just installed the SP2 RTM with no issues whatsoever. Maybe there's some conflict with certain hardware/chipset combinations? Mine is a Gigabyte board with Intel P35 chipset.

I'm not sure why only some of us are having problems, but comparing hardware configs with dannyboy I don't think that it's a hardware issue. My testing is done on a Intel C2D 6750, 8GB ram, Gigabyte P35-DS4v2, Intel ICH9R AHCI, and an OCZ vertex SSD.

{QUOTE-> I'm not sure why only some of us are having problems, but comparing hardware configs with dannyboy I don't think that it's a hardware issue. My testing is done on a Intel C2D 6750, 8GB ram, Gigabyte P35-DS4v2, Intel ICH9R AHCI, and an OCZ vertex SSD. <-QUOTE}

yeah based on your setup I'd have to agree, as I have identical CPU, 4Gb RAM (PC8500), P35-DS3R and Intel AHCI

{QUOTE->

I'm sure ESET will be working on this; I just hope (for their reputation) that it's something which changed between RC and RTM, since RC has been available for testing a long time.



Jim <-QUOTE}

HIGHLY doubt they are.
It's been reported on here for over 2 months now, and not one comment from them on it. Also sent in reports via email to them, and never got it fixed.
What a shame.

this seems to be a permission problem.

on my computer NOD antivirus v4 works only if UAC is disabled in vista sp2 rtm

{QUOTE-> HIGHLY doubt they are.
It's been reported on here for over 2 months now, and not one comment from them on it. Also sent in reports via email to them, and never got it fixed.
What a shame. <-QUOTE}
According to this post:
http://www.wilderssecurity.com/showpost.php?p=1459184
they are testing Eset software with SP2 for Vista and 2008. Hopefully there will be an update very soon.

{QUOTE-> this seems to be a permission problem.

on my computer NOD antivirus v4 works only if UAC is disabled in vista sp2 rtm <-QUOTE}
One of the first thing i did after installing Vista is to disable UAC completely. So i never had UAC enabled during the installation/uninstallation of nod32 on this computer. Still having issues. When SP2 installed the uninstallation of nod32 v4 doesn't work correctly either. One service where not removed during uninstall which gave me problems trying to delete the Eset folders, reg keys and also wouldn't let me disable/stop the service. As soon as i managed to stop/disable that service i had no problems deleting the leftovers from nod32. So i guess this have to do with the self protection of nod32 and not Vista security in this case.
I never had this kind of issues with nod32 (any version) before Vista SP2.

I finally managed to install nod32 v4 when Vista SP2 where already installed. I tried three times with the same problem where nod32 where not working properly after the installation and every time i imported the settings i exported before i installed SP2. The last time i did not import the settings and just restarted the computer with the default settings. After the reboot i changed the settings manually instead of importing the xml file and restarted once more with no problems. I have no idea if this is a coincidence or if importing the setting caused this problem, but at least now everything is working fine.....so far.

well it seems I spoke to soon. As my PC was booting up this morning, eamon.sys caused a BSOD, just as the desktop was loading.

I let it reboot to see if it would happen again, but it booted fine the second time, so it seems to be an intermittent issue.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6002.2.2.0.256.1
Locale ID: 2057

Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFFA6008006A8F
BCP3: FFFFFA6008705D20
BCP4: 0000000000000000
OS Version: 6_0_6002
Service Pack: 2_0
Product: 256_1

Yeah, I don't think it's a UAC problem as I to have that disabled.

Interesting that I'm now running Win7 RC x64, with ESET 4.0.424, and it's all going great!


Jim

I confirm that with a i7 920 processor and a X58 MB, with Vista 32 SP2 RTM I can install without any trouble the SP, but I have disabled real time file checking and an unknown error 0x004.

It is strange that if I scan the C: drive to check and correct errors, at next reboot ESET is working properly.
If I reboot again, red icon on the taskbar with realtime checking disabled and error 0x004.

I use last 4.0.424.0 version.

i am running vista ultimate 64 bit with service pack 2 and the latest NOD32 version 4 with no trouble at all. i did a clean install with a integrated DVD though and not an upgrade from service pack 1. i should mention that i had one start up with it disabled like is talked about here but that was on a restart where some files were updating so that may have been the cause. i just restarted again and all has been good since. i have been running it 3 days so far and have had no problems doing scans and so forth. NOD even alerted me that i needed to download some updates from windows update which surprised me.

Hello,

ESET is currently in the process of testing Service Pack 2 for Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) Vista (http://www.microsoft.com/windowsvista/) and Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) 2008 (http://www.microsoft.com/windowsserver2008/).

If anyone is having trouble running ESET's software on a computer running with Service Pack 2, please use ESET SysInspector to create a log file and then send me a private message for instructions on where to send it for review.

Regards,

Aryeh Goretsky

I set up Windows Vista 64bit those days and after installing SP2 RTM i tried to install EAV 4.0.24. But the installer quits with an unknown error - UAC is completely disabled.

So i'll wait for a fix...

Forellenblau

{QUOTE-> Hello,

ESET is currently in the process of testing Service Pack 2 for Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) Vista (http://www.microsoft.com/windowsvista/) and Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) 2008 (http://www.microsoft.com/windowsserver2008/).

If anyone is having trouble running ESET's software on a computer running with Service Pack 2, please use ESET SysInspector to create a log file and then send me a private message for instructions on where to send it for review.

Regards,

Aryeh Goretsky <-QUOTE}


you have private message. upon cold boot today it was disabled for me, i rebooted and it is fine once again. any word on when new version is coming Aryeh?

{QUOTE-> you have private message. upon cold boot today it was disabled for me, i rebooted and it is fine once again. any word on when new version is coming Aryeh? <-QUOTE}
I'm experiencing same problems on Vista 64 SP2 RTM. Some times NOD32 starts just fine, another time it reports that it needs to be reinstalled. Hopefully we have updated version of NOD32 soon that is fully SP2 compatible.

Interesting. I have a desktop with Vista SP2 x64 and laptop with Vista SP2 x86 and have not had any problems. For those having issues it must be specific to their hardware or something to do with their configuration. I have UAC enabled on both of mine, so I really doubt UAC is an issue. I hope the cause of the problems some are having is found, but I haven't had any problems with the 4.0.424.0 build.

another thing i have found is that NOD takes real long time to do full system scan. i started a full system scan last night and had to stop it after over 2 hours. i do not have that many files that it should take that long. not sure if this is related to SP2 or not, i had no problems with it before this

after doing some tests:

first of all the error comes sometimes, indepentent if UAC is enabled or disabled.

when the error comes. toggle the UAC setting and reboot. everything works fine until the next error come.

I've never had UAC enabled, and have had both BSOD's and the red icon (EAV needs to be reinstalled) error.

I uninstalled SP2 for the time being.

i wish they would release the next version that resolves this problem. :(

Also, I dont know if this is relevant to giving a clue about the problem or not.

But under Relaibility & Performance (Resources Monitor/Overview); there is a measuring Applet called Memory Hard Faults/sec. I notice on the laptop that NOD32 is having a problem with Vista SP2 on, this value is *extremely* high - especially straight after a cold reboot. In fact Ekrn.exe is causing something in the order of 1700 Hard Faults/min settling down after a while to about 300-400 per min.

On my desktop PC the corresponding number is zero ("0") Hard Faults/min immediately after a cold reboot.

Now I don't know what this measure means!! But I do wonder it is a symptom of how unhappy Eset NOD32 is on this laptop. BTW, real physical memory is not an issue here since both the laptop & my desktop PC have 4GB RAM fitted (3.5MB usable).

NigelS

I installed SP2 on a Server 2008 x64 machine. Prior to installing the service pack I disabled NOD32's AV protection to avoid problems. SP2 installed with no problems but NOD32 will not start up properly. Specifically AMON will not start. I tried to repair NOD32 but it kept having issues uninstalling. I ended up deleting the ESET folder tree from the %ProgramFiles% folder and deleted the services manually from the registry. After another reboot I was able to re-install NOD32 but AMON still refuses to start. The other components do seem to work though.

i wonder when the new version is coming?

{QUOTE-> i wonder when the new version is coming? <-QUOTE}
Until someone from Eset let use know no one can tell and Eset usually don't announce any release dates so i guess you just have to wait.

Unfortunate that they choose to not announce these things. SP2 has been coming for awhile now, you would think this problem would have been ironed out by now.

I tried ESS .424 x64 on fresh install of vista x64 SP2 and the first time all went fine, but after reboot, same as other users here, ess is red and cant enable realtime prot and firewall, it says it needs to be reinstalled. When i try to uninstall, uninstall fails because lack of privileges on some files (ess selfsecurity I think). I have to reboot in safe mode and stop eset service in order to proper uninstall.

There are some weeks since sp2 rtm is out i hope compatible version of EAV & ESS be released soon !

{QUOTE-> If anyone is having trouble running ESET's software on a computer running with Service Pack 2, please use ESET SysInspector to create a log file and then send me a private message for instructions on where to send it for review. <-QUOTE}

I would, but PMs appear to be broken at the moment. Are you still collecting data? I see most of these issues on a Sony laptop running Vista32 Ultimate and NOD32 4.0.424.0.

p.s., it might be wise for this thread to be merged with at least two others on this issue:

http://www.wilderssecurity.com/showthread.php?p=1463133
http://www.wilderssecurity.com/showthread.php?t=241416

private messages work for me, i just sent one

I just got this again:

vBulletin Message
The private messaging system is currently unavailable.

working fine for me, i just recieved one back also. looks like ESET has no update coming anytime soon from what i have been told. very sad that they are dropping the ball on this, kind of hard to recommend NOD32 when they pull stunts like this

{QUOTE-> working fine for me, i just recieved one back also. looks like ESET has no update coming anytime soon from what i have been told. very sad that they are dropping the ball on this, kind of hard to recommend NOD32 when they pull stunts like this <-QUOTE}


nice: NOD32 is useless with vista sp2.

i works a few days. then you have to toggle the UAC setting. because realtime protection could not be started.

is it so hard to write functional software for windows vista?

a few month ago i switched from kaspersky to eset because kaspersky has massive problems with vista. and now i had the some problem with NOD32.

can we clarify: are most people experiencing issues with 64bit Vista?

i have a fresh installed Vista Business SP2 (32bit) and was just deciding on which version of EAV to install, and this has spooked me :lurking:

nrms has 32bit
{QUOTE-> my desktop PC have 4GB RAM fitted (3.5MB usable). <-QUOTE}

if you did a fresh install you might be ok. that is what i did also but with the 64 bit version. mine installed fine right off the bat with the only problem being during one of the restarts from me installing software it come up disabled. then i started getting cold start ups with it disabled, that has happened to me 4 times in the 2 weeks or so i have been running NOD32 version 4. all i have to do in these cases is restart and all is well.

I know I said earlier in this thread that I had no problems, but after a few days I had problems as well. I'm currently testing a competitors product and having better results. I like ESET and their products, but I don't have time for this anymore.

moderator of this forum, could you please stick this thread at the top so it can help others out who are having similar questions and problems about this issue?

I joined the club, Guys. I run a Vista Sp2 x64, and have the same BSOD-problem at random reboots.
Also have the realtime -protection error issue, randomly. Sometimes it emerges, then at the next boot it disappears.
Eamon.sys seems the culprit to me, 'cause that's the very driver held responsible for my BSOD (message on screen).
I've run Sysinspector, and sent the file to agoretsky. Hopefully he can work it out.

{QUOTE-> can we clarify: are most people experiencing issues with 64bit Vista?

i have a fresh installed Vista Business SP2 (32bit) and was just deciding on which version of EAV to install, and this has spooked me :lurking: <-QUOTE}

yes, it only affects x64 Vista, AFAIK.

{QUOTE-> yes, it only affects x64 Vista, AFAIK. <-QUOTE}

It depends on what problem you are having and what you are running. I was running ESS (w/firewall) on my 32 bit Vista laptop and the firewall would refuse to startup correctly more often than not. I still have 1 machine running EAV that is working ok. Too many variables. I'm sure that's why it's difficult for them to fix.

{QUOTE-> yes, it only affects x64 Vista, AFAIK. <-QUOTE}

NO

It doesn't - I am running Vista 32bit. Incidently *when* the Red Alert from ESet appears on rebooting, all you have to do is reboot again. I have found that invariably a second reboot is all that is needed to get Nod32 working again. Nevertheless, it is still annoying that it happens at all.

NigelS

Does the staus of UAC have any effect on this issue - I mean the tray - icon being red / green? And of course on the the more embarrassing phenomenon, the BSOD...

I've rebooted my Vista32 SP2 box many times since this showed up--no joy. Only joy was upon uninstalling SP2. Reinstalled SP2. Problems return.

I am having major problems with NOD32 and Vista x64 SP2 on a fresh install - BSOD's all over the place from eamon.sys. Turning off self-defence in NOD32 fixes the "unable to start realtime protection" - I'll send a logfile over and see if you guys can fix this, unfortunately we have a lot of customers running NOD32 so if this update hits Windows Update and this issue isn't fixed in time - I'm going to be on the phone looking for an immediate fix ;)

Other posts state that there's a new build due today, so hopefully it addresses the SP2 issue.

As SP2 isn't publicly available yet, and there are known problems with ESET and SP2, I suggest you hold off installing SP2.

{QUOTE-> Other posts state that there's a new build due today, so hopefully it addresses the SP2 issue. <-QUOTE}what posts are you referring too? i have not seen any mention of a new build coming

http://www.wilderssecurity.com/showthread.php?t=241402

Second post down.

thank you

wonder if it will posted here? http://www.eset.com/support/news.php

I tried the new build but its still the same. After a clean uninstall and a reinstall ... the first thing after a reboot is the red icon. :(
PLUS the anti virus crashes my computer while scanning a file from live messenger and this can be produced 100% of the time when the red icon is up..I lost so much data because of it... i wonder what Eset is doing about this ... its already +20 days since the release of SP2 RTM; not counting the amount of days SP2 is in RC... Eset should have tested it thoroughly.

Blue Screen of Death with esset AntiVirus 4.0.424.0

problem with eamon.sys !!!!!

WARNING: Whitespace at end of path element
Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6002.18005.x86fre.lh_sp2rtm.090410-1830
Machine Name:
Kernel base = 0x81e12000 PsLoadedModuleList = 0x81f29c70
Debug session time: Wed May 20 12:14:51.198 2009 (GMT+2)
System Uptime: 0 days 0:00:27.901
Loading Kernel Symbols
...............................................................
................................................................
...........
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {656c6946, 2, 0, 9a20a1de}

Unable to load image \SystemRoot\system32\DRIVERS\eamon.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for eamon.sys
*** ERROR: Module load completed but symbols could not be loaded for eamon.sys
Probably caused by : eamon.sys ( eamon+51de )

There's a new kid on the block, Dude...this one has already been discussed deeply.
Hail the 4.0.437!

i just upgraded to new version. so far no trouble at all for me.

4.0.435/4.0.437 - there seems to be an improvement ...

Does the new version work or not with Vista SP2?

{QUOTE-> Does the new version work or not with Vista SP2? <-QUOTE}

Apparently not
http://www.wilderssecurity.com/showthread.php?t=242804

Still have the same issue with the new build. I can't even uninstall it using the uninstaller now, time to dig out manual uninstall instructions.

no, new version does not work with SP2. my computer just started with it disabled. lets go ESET get it fixed

Still random freezes with internet explorer with latest version. ::)

And for now temporary fix is to disable self-protection in advanced setup. I know it's not official fix, but hey at least it works Self-protection is a new feature to V4, so by disabling it temporary we still get all new features of V4 except well....self protection

note: to disable it you must roll the dice so to speak to get one of those times when NOD32 starts up ok. Otherwise you can't disable self protection because it's protected by self protection which is not working correctly

JuliusB

I have uninstalled NOD32 x64 from my Vista Ultimate SP2 box via safe mode and installed the latest build and the problems have disappeared for me.

I then tried installing it over the old version (424) on Server 2k8 x64 SP2 but that did not work. The file protection service still failed to start. So I booted into safe mode and ripped out NOD32 (normal uninstall did not complete correctly). After that I installed NOD32 x64 fresh and no more issues for me.

30 minutes later: I spoke too soon. Server 2k8 x64 SP2 just BSOD'd and now I am back to the red NOD32 icon where file protection does no longer work.

{QUOTE-> And for now temporary fix is to disable self-protection in advanced setup. I know it's not official fix, but hey at least it works Self-protection is a new feature to V4, so by disabling it temporary we still get all new features of V4 except well....self protection

note: to disable it you must roll the dice so to speak to get one of those times when NOD32 starts up ok. Otherwise you can't disable self protection because it's protected by self protection which is not working correctly

JuliusB <-QUOTE}

Thanks, this seems to have stopped the freezing. Will have to use for a few days to be certain, but at least this gives ESET an idea of what module is causing the issue.

Still disgusted with their lack of official response. I just persuaded my father to get a 3 licence deal and my renewal is coming up. Starting to regret it.....

I have reverted to using v3 on Vista SP2 RTM as it's the only way to get NOD32 to work. I find it shocking that there has been no acknowledgement of this problem from ESET, especially as this has been going on a while now.

Being a reseller of ESET products (and having a userbase of 500+) I am seriously considering recommending other products when customers come to renew as this type of service is simply not acceptable when it comes to major problems like this.

This may not the appropriate thread to post this in, but it seems we're all having similar problems.

I'm running XP x64 with SP2, fully updated. Every time I install the latest version of NOD32 4.x everything works great. Upon restarting the computer I BSOD as the system

boots up unless I select 'Last Known Good Configuration'. From there NOD32 ceases to work. Egui.exe is loaded upon start-up but does not respond. Closing it manually and

opening up NOD32 does not work either. No response is given. I can run the repair module but then the NOD32 icon goes red and informs me a critical problem has occurred and

I should promptly reinstall the program.

Removing the program seems to fix the issue if I remember correctly, but a reinstallation only causes the problem to reoccur next boot.

Upon arriving at my desktop I am given the error msg:
[Generic Host Process for Win32 Services
Error Signature:
EventType : BEX64 P1 : svchost.exe P2 : 5.2.3790.3959 P3 : 45d69a64
P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 000007ff660287d4
P8 : c0000005 P9 : 0000000000000008]

My Sysinspector log is too large to post via attachment so I've put it in a rapidshare file: ~Link removed. Log contains private information.~

Hello OneTwoOneTwoOne,

Your link was removed as it contains private information. Send your log, if an ESET moderator requests it, according to these directions. >>

How do I create a SysInspector log? (http://kb.eset.com/esetkb/index?page=content&id=SOLN2219)

{QUOTE-> This may not the appropriate thread to post this in, but it seems we're all having similar problems.

I'm running XP x64 with SP2, fully updated. Every time I install the latest version of NOD32 4.x everything works great. Upon restarting the computer I BSOD as the system

boots up unless I select 'Last Known Good Configuration'. From there NOD32 ceases to work. Egui.exe is loaded upon start-up but does not respond. Closing it manually and

opening up NOD32 does not work either. No response is given. I can run the repair module but then the NOD32 icon goes red and informs me a critical problem has occurred and

I should promptly reinstall the program.

Removing the program seems to fix the issue if I remember correctly, but a reinstallation only causes the problem to reoccur next boot.

Upon arriving at my desktop I am given the error msg:
[Generic Host Process for Win32 Services
Error Signature:
EventType : BEX64 P1 : svchost.exe P2 : 5.2.3790.3959 P3 : 45d69a64
P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 000007ff660287d4
P8 : c0000005 P9 : 0000000000000008]

My Sysinspector log is too large to post via attachment so I've put it in a rapidshare file: ~Link removed. Log contains private information.~ <-QUOTE}


see post number 20 of this thread for place to send the sysinspector log too.

ronjor, why not sticky this thread till this issue is resolved?

{QUOTE-> ronjor, why not sticky this thread till this issue is resolved? <-QUOTE}

Probably a good idea since SP2 could be released through Windows update at anytime now.

SP2 will be available for public manual download tomorrow, but automatic updates will start only on June 30.

Eset: FYI

I have now had to UNINSTALL 4.0.437 off the SECOND of my THREE PC's because of this incompatibility with Vista SP2.

This second PC had been running OK with Vista SP2 for nearly two weeks, but suddenly today it decided it wasn't having anymore of it. Incidently this time simply rebooting the PC WAS NOT sufficient to clear the Red ALert - I had to restore from an image backup first before un-installing Eset NOD32 successfully.

I am now running PrevX alone on these two machines, and to be frank, if Eset don't get this fixed soon, NOD32 will STAY OFF these machines permanently and I will not be re-newing the license when due.

NigelS

to me it is amazing that they are letting this go this long without so much as a comment here or on their website.

{QUOTE-> to me it is amazing that they are letting this go this long without so much as a comment here or on their website. <-QUOTE}

I totally agree. Even if ESET were to post on here to say they knew about the problem and were working on it I'd be happy. I wonder how long this will go on!

The last post from an Eset employee was post 20 from agoretsky on May 4th saying they were testing it and anyone with problems should let them know. ??? :thumbd:

I just wonder if ESET can update NOD32 remotely once fix is available or will users need to download new version and reinstall. I think it depends on where the problem is. Various components of NOD32 are updated constantly, but not the core program itself.
If manual download and reinstall is required then I am worried about what's going to happen once people start to mass download SP2 :(

My suspicion, based upon their silence, is that they haven't got a clue what's causing the problem. Though when SP2 goes public tomorrow and people start hitting the downloads, I'm pretty sure the brown stuff will hit the fan.

Perhaps ESET would like to suprise us all and either a) talk to us and give us a progresss update or b) release a fix.

Who knows....

Jim

{QUOTE-> I just wonder if ESET can update NOD32 remotely once fix is available or will users need to download new version and reinstall. I think it depends on where the problem is. Various components of NOD32 are updated constantly, but not the core program itself.
If manual download and reinstall is required then I am worried about what's going to happen once people start to mass download SP2 :( <-QUOTE}

you will need to download new version and install it.

{QUOTE-> My suspicion, based upon their silence, is that they haven't got a clue what's causing the problem. <-QUOTE}
I'm sure they have a clue and pretty sure they are working to solve the problem, but it's nothing new that Eset choose to not announce anything before they have a new release. I'm not saying this is acceptable, but that's basically the way it is. If they at least could give an estimate of time to solve the problem i'm sure the customers would appreciate that.

Any kind of feedback would be an improvement. A "we know what it is and are testing an internal version", "we have no clue but a few ideas" "we have it fixed but it's a Holiday weekend here in the States". Anything would be good.

{QUOTE-> SP2 will be available for public manual download tomorrow, but automatic updates will start only on June 30. <-QUOTE}

SP2 is now available to the public here (http://www.microsoft.com/downloads/details.aspx?FamilyID=a4dd31d5-f907-4406-9012-a5c3199ea2b3&DisplayLang=en) (32-bit) and here (http://www.microsoft.com/downloads/details.aspx?FamilyID=656c9d4a-55ec-4972-a0d7-b1a6fedf51a7&DisplayLang=en) (64 bit).

The clock is now ticking Eset....:(

{QUOTE-> SP2 is now available to the public here (http://www.microsoft.com/downloads/details.aspx?FamilyID=a4dd31d5-f907-4406-9012-a5c3199ea2b3&DisplayLang=en) (32-bit) and here (http://www.microsoft.com/downloads/details.aspx?FamilyID=656c9d4a-55ec-4972-a0d7-b1a6fedf51a7&DisplayLang=en) (64 bit).

The clock is now ticking Eset....:( <-QUOTE}

Don't fret......Eset will make it:P

That's the point though, they haven't! SP2 is public, and ESET causes problems. They've snatched defeat from the jaws of victory....

{QUOTE-> Don't fret......Eset will make it:P <-QUOTE}

You think so?

We are just about to open a support case with ESET UK about this issue saying that SP2 has been released to the public. Were getting prepared for the mass onslaught of customers who have installed SP2 and will be getting the BSOD issue - lets see what they say.

{QUOTE-> You think so?

We are just about to open a support case with ESET UK about this issue saying that SP2 has been released to the public. Were getting prepared for the mass onslaught of customers who have installed SP2 and will be getting the BSOD issue - lets see what they say. <-QUOTE}

O men of little faith, fret not, for ESET is in control:P

{QUOTE-> O men of little faith, fret not, for ESET is in control:P <-QUOTE}

We would have more faith that "Eset is in control" if someone from Eset (e.g. Marcos, agoretsky etc.) would make a public statement such as "The problem has been identified. Expect a new release in the next few days"

Remember that the vast majority of people who install SP2 in the next few weeks will not be aware of this forum and so will blindly install SP2 and expect it to work with ESS or NOD32.

When it does not, it will cause a support headache for Eset.

Running the NOD32 installer as administrator fixed all problems for me. :D

Check this page out. It explains how to run a .msi as administrator.
http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista

(I already had UAC disabled b.t.w.)

{QUOTE-> Running the NOD32 installer as administrator fixed all problems for me. :D

Check this page out. It explains how to run a .msi as administrator.
http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista

(I already had UAC disabled b.t.w.) <-QUOTE}


This is working for me too !!

Thanks !!

Rene.

{QUOTE-> We would have more faith that "Eset is in control" if someone from Eset (e.g. Marcos, agoretsky etc.) would make a public statement such as "The problem has been identified. Expect a new release in the next few days"

Remember that the vast majority of people who install SP2 in the next few weeks will not be aware of this forum and so will blindly install SP2 and expect it to work with ESS or NOD32.

When it does not, it will cause a support headache for Eset. <-QUOTE}


Just like children, the ESET team will have to learn the hard way in this situation. It will be a good lesson for them.

no problem with vista 32bit sp2 and either the .437 or .424 builds. web access & email protection disabled though

{QUOTE-> Running the NOD32 installer as administrator fixed all problems for me. :D

Check this page out. It explains how to run a .msi as administrator.
http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista

(I already had UAC disabled b.t.w.) <-QUOTE}

i installed mine that way and it ran fine but few days later the problems started.

Hi. New to this forum. Long time nod32 user. Have been impressed with the product, but that may change...

Just wanted to say that sp2 update is live on winupdate and is being pushed now. I just got the notification and installed it. BSODs at step3 every time. Eamon.sys is the culprit and a google search for that leads here :) Uninstalled eset in safemode in order to complete sp2 installation.

Was running v4, looks like I need v3 for my x64 system...

Alarms going off yet eset?

{QUOTE-> Hi. New to this forum. Long time nod32 user. Have been impressed with the product, but that may change...

Just wanted to say that sp2 update is live on winupdate and is being pushed now. I just got the notification and installed it. BSODs at step3 every time. Eamon.sys is the culprit and a google search for that leads here :) Uninstalled eset in safemode in order to complete sp2 installation.

Was running v4, looks like I need v3 for my x64 system...

Alarms going off yet eset? <-QUOTE}

And no warning yet, here or in the Eset page. Well done Eset. :thumbd:

Hello,

An issue with ESET's V4 software and Service Pack 2 for Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) Vista (http://www.microsoft.com/windowsvista/) and Windows (http://www.microsoft.com/windows/) 2008 (http://www.microsoft.com/windowsserver2008/) has been identified and the developers are working on a solution for it. Currently, I do not have any information about when it will be available or what form it will take, but as soon as more information is available it will be provided.

A special thanks to those who sent in ESET SysInspector logs to help troubleshoot the problem.

Regards,

Aryeh Goretsky

{QUOTE-> Hello,

An issue with ESET's V4 software and Service Pack 2 for Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) Vista (http://www.microsoft.com/windowsvista/) and Windows (http://www.microsoft.com/windows/) 2008 (http://www.microsoft.com/windowsserver2008/) has been identified and the developers are working on a solution for it. Currently, I do not have any information about when it will be available or what form it will take, but as soon as more information is available it will be provided.

A special thanks to those who sent in ESET SysInspector logs to help troubleshoot the problem.

Regards,

Aryeh Goretsky <-QUOTE}

See, it wasn't that difficult. Anyway, you should put a sticky thread about this.

{QUOTE-> Hello,

An issue with ESET's V4 software and Service Pack 2 for Microsoft (http://www.microsoft.com/) Windows (http://www.microsoft.com/windows/) Vista (http://www.microsoft.com/windowsvista/) and Windows (http://www.microsoft.com/windows/) 2008 (http://www.microsoft.com/windowsserver2008/) has been identified and the developers are working on a solution for it. Currently, I do not have any information about when it will be available or what form it will take, but as soon as more information is available it will be provided.

A special thanks to those who sent in ESET SysInspector logs to help troubleshoot the problem.

Regards,

Aryeh Goretsky <-QUOTE}

I haven't seen any problems, installed SP2 on 2 laptops which had ESS .437 already installed, haven't seen a problem of any sort yet. Ran 2 full system scans and have rebooted several times, running smooth so far.

{QUOTE-> Running the NOD32 installer as administrator fixed all problems for me. :D

Check this page out. It explains how to run a .msi as administrator.
http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista

(I already had UAC disabled b.t.w.) <-QUOTE}

I can confirm this works! ;D

I updated to Vista SP2 some weeks ago. I got a BSOD and Eset would not start properly (red icon and message saying I need to reinstall). Fortunately I could uninstall easily and I downgraded to ESS 3.0.684. I have a virtual machine in VMWare with Vista SP2 x86 installed. When I tried to install ESS 4.x I would consistently get a red icon right after installation. Disabling or enabling UAC or self-protect didn't matter.

I tried the reg-file and installed ESS 4.0.424 as Administrator, rebooted a few times and everything looks good so far.

So this would indicate a permission problem which begins at install, but only occurs with Vista SP2 installed. Differences between normal install and Administrator install should be studied and the install-script needs to get a few extra permissions.

Good luck Eset. I hope the permissions can be set through Eset updates or else I think Eset is gonna be srewed, when everybody who updates to Vista SP2 needs to find a new working setup of Eset.

{QUOTE-> Running the NOD32 installer as administrator fixed all problems for me. :D

Check this page out. It explains how to run a .msi as administrator.
http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista

(I already had UAC disabled b.t.w.) <-QUOTE}

Are you sure it fixed them? It's not like NOD32 does not start all the time, sometimes it starts, sometimes it does not. For me, running all setup procedure as Admin did not help. After install NOD32 failed to start correctly again. After restart worked fine but after one more restart another error message(never seen it before) - services failed to start - POP3/HTTP protection not working.
Btw disabling UAC is not a good solution for security anyway... Sometimes people think it's all about confirmation boxes, but it's not. UAC control applications privileges, only those application that need Admin rights to work correctly get it. This can greatly help security. Consider this:
UAC is not active and web browser get exploited on a malicious web page. Now since UAC is off, browser was working with full admin rights and so in turn exploit gets full access to the whole system
Now if UAC is active and browser gets exploited exploit has limited access and can't for example install malware because it can't access registry, windows or program files folders and some other protected folders. Internet Explorer browser with UAC on is even more secure because it only has access to temp folder - it works in sandbox.

Definately doesn't fix it. Initially seemed no problems but I ran a full scan and rebooted a couple of time and then the issues came back.

seems like quite a few people don't have any issues, check here:
http://www.neowin.net/forum/index.php?showtopic=776802&st=0

I think ESET should recommend a downgrade to version 3 if the user should install Vista SP2 update.*puppy*

Just updated to SP2, NOD32 is working ok so far, except very often I get error "some internal error bla bla" followed by red icon, so I need to restart my computer. Don't know if this is relatated or not, but this happens quite often while running on batteries. As I said after restart (and plugging in cable) it seams to work, until next restart.

Since I have installed SP2 I don't get "pop http error" anymore, just this error that NOD32 is not working at all, so I need to restart.

My spec: Sony Vaio Z590, Vista Business (32bit) SP2, latest NOD32 version

Cheers,
Miki

I am absolutely disturbed by this.

Unfortunately, upon seeing that my NOD32 install was broken after installing Vista SP2, I attempted to uninstall the (broken) v4 install in order to reinstall or revert to v3. The uninstall was not successful and only complicated the situation.

After numerous attempts to completely remove/repair the installation, I finally ended up doing a system restore.

This situation, combined with various other problems we've had with v4, has just pushed me over the edge. I can't help but think that someone at ESET is asleep at the wheel.

It certainly seems very odd. ESET are silent on the subject until the very day SP2 goes public, and we then get acknowledgement of the issue by ESET. It's especially odd given that 4.0.437 is only a week old.

Surely, surely ESET had access to SP2 before release day? Surely they have MSDN or TechNet access? Surely it's better to get the solution out there before SP2 goes public, rather than forcing people to rebuild their system.

It all seems very slipshod to me, and quite disheartening. They should have fixed it before SP2 went public, and if they couldn't fix it they should have sent a warning to people. They have email addresses for all their registred customers. Isn't that what "being proactive" means?

A sad episode I feel. ESET are clearly not the leading-edge company they were. More like bleeding-edge.



Jim

Good grief, I just saw this thread & read it with horror. Vista SP2 is now appearing on WSUS & available on Windows update today & now it seems that there is a blue screen issue with Nod? What is this company playing at?

If my user base starts getting BSODs caused by Nod, it will be the final straw for me.

{QUOTE->

It all seems very slipshod to me, and quite disheartening. They should have fixed it before SP2 went public, and if they couldn't fix it they should have sent a warning to people. They have email addresses for all their registred customers. Isn't that what "being proactive" means?

A sad episode I feel. ESET are clearly not the leading-edge company they were. More like bleeding-edge.
<-QUOTE}

Maybe but, look at it this way....are people really complaining that Eset has incompatabilities with products that are not even released to the general public yet? MSDN and technet are advanced releases for IT pros and corporates and not the general public.

At the end of the day, anyone who goes installing major updates like service packs without testing 'just because it has been released' is just asking for trouble. How many network administrators do you know that go installing any and every patch released onto their servers the day the patch gets released?

It never ceases to amaze me how many people are already saying on here about problems with Eset and Windows 7 - Windows 7 isn't even supposed to be released for a fair few months yet!!!

{QUOTE-> Good grief, I just saw this thread & read it with horror. Vista SP2 is now appearing on WSUS & available on Windows update today & now it seems that there is a blue screen issue with Nod? What is this company playing at?
<-QUOTE}

http://www.microsoft.com/downloads/details.aspx?familyid=d7c9a07a-5267-4bd6-87d0-e2a72099edb7&displaylang=en

I'm not sure if the SP will immediately be listed on WindowsUpdate or not (I suspect it will be shown as optional to start with) but, either way, you can block it on all clients using the Windows Service Pack Blocker Tool Kit and the GPO in your domain.

~CB

{QUOTE-> Are you sure it fixed them? It's not like NOD32 does not start all the time, sometimes it starts, sometimes it does not. For me, running all setup procedure as Admin did not help. After install NOD32 failed to start correctly again. After restart worked fine but after one more restart another error message(never seen it before) - services failed to start - POP3/HTTP protection not working.
Btw disabling UAC is not a good solution for security anyway... Sometimes people think it's all about confirmation boxes, but it's not. UAC control applications privileges, only those application that need Admin rights to work correctly get it. This can greatly help security. Consider this:
UAC is not active and web browser get exploited on a malicious web page. Now since UAC is off, browser was working with full admin rights and so in turn exploit gets full access to the whole system
Now if UAC is active and browser gets exploited exploit has limited access and can't for example install malware because it can't access registry, windows or program files folders and some other protected folders. Internet Explorer browser with UAC on is even more secure because it only has access to temp folder - it works in sandbox. <-QUOTE}

Yes, I'm sure this fixed the problem. But before I installed the application I removed the current version (in safe mode) and removed all the ESET registry entries. Installing the application as an administrator without doing this first doesn't fix the problem.

{QUOTE-> Maybe but, look at it this way....are people really complaining that Eset has incompatabilities with products that are not even released to the general public yet? MSDN and technet are advanced releases for IT pros and corporates and not the general public. <-QUOTE}

No, people are complaining about products that are released to the public. SP2 is public, as of yesterday. And the reason we've been complaining for weeks (I started this thread) was to "encourage" ESET to get it fixed before SP2 went public. Sadly this did not happen.

Jim

Edit: ESET happens to work perfectly with Win7 ;-)

{QUOTE-> http://www.microsoft.com/downloads/details.aspx?familyid=d7c9a07a-5267-4bd6-87d0-e2a72099edb7&displaylang=en

I'm not sure if the SP will immediately be listed on WindowsUpdate or not (I suspect it will be shown as optional to start with) but, either way, you can block it on all clients using the Windows Service Pack Blocker Tool Kit and the GPO in your domain.

~CB <-QUOTE}


Sorry, by "clients" I meant "customers". All my server customers are using Nod32 v2.7. Vista SP2 is available on both WSUS & Windows update this morning.

I've just installed SP2 on my Vista x32, no problems, NOD32 works as it should.

However, I have my hard drive divided into 4 partitions as follows :-
c: vista
d:for my anti-virus, Outpost firewall and othe security programs.
E: for all the programs etc I have got and anything to do with my PC.
F: for my installed utility programs.

Hi!

I've been testing Metallian's solution some more and I'm quite confident that this is THE solution. I tested it in a Virtual Machine with Vista SP2. A normal install would consistently result in errors. Installing according Metallian's description works flawless until now. I've updated Eset, updated Windows, rebooted numerous times and Eset is still working.

I think Metallian is also correct in saying that people who still have problems after installing as Administrator did not have their previous version correctly installed.

This really seems to be a permissions-problem. So when folders and registry-keys are left after uninstalling Eset these folders and keys might still have 'bad permissions'. The new installation does not fix it.

So if you have version 4.x installed, you should completely remove it. Go to the Control Panel and remove Eset. If it fails, then you should reboot into safe-mode and try again. After unstall remove these folders:

%ProgramFiles%\ESET
%ALLUSERSPROFILE%\ESET
%APPDATA%\ESET
%LOCALAPPDATA%\ESET

Also remove these registry keys:

HKEY_LOCAL_MACHINE\SOFTWARE\ESET
HKEY_CURRENT_USER\SOFTWARE\ESET

Then reboot.

Download and extract this file:
http://www.symantec.com/connect/sites/default/files/MsiRunAsAdmin.zip
Doubleclick on the reg-file and confirm that.

Now right-click on the msi-file from Eset and choose "Run as Administrator".

Follow normal installation-steps and you should be good :D

Many thanks to Metallian!

Just tried the running the msi as admin trick, and it semmed to work but after a few reboots im back to real time protection is disabled. Trying to enable it in setup menu gives error about not having permisions to change this setting.

OK just rebooted and its now working.

{QUOTE-> Just tried the running the msi as admin trick, and it semmed to work but after a few reboots im back to real time protection is disabled. Trying to enable it in setup menu gives error about not having permisions to change this setting.

OK just rebooted and its now working. <-QUOTE}

Did you remove all folders and registry-keys before you reinstalled? See my previous post.

{QUOTE-> Did you remove all folders and registry-keys before you reinstalled? See my previous post. <-QUOTE}
Aye did that, also found some ESET service and drivers were still being loaded even after uninstalling. only noticed this after high cpu usage from ekrn.exe.

Reg keys not removed HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ekrn
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eamon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehdrv

There is a few more but these had been removed by the uninstaller
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\epfwwfpr
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EhttpSrv

Good news is that is seems to be working now. just seems like every so often after rebooting i get real time protection is disable error. Also not had any BSOD yet.

{QUOTE-> also found some ESET service and drivers were still being loaded even after uninstalling. <-QUOTE}

If you want to try again, you could uninstall Eset. Then use this tool (maybe you need to do this in safe-mode, download the tool first):

http://live.sysinternals.com/autoruns.exe

Click on 'find' and type 'eset'. Uncheck everything related to Eset. Also remove the folders and registry-keys again, as stated before. Then reboot.

Check task-manager (show all processes) and device-manager (view / show hidden devices) and see if you see any processes like 'ekrn' or drivers like 'eamon' (under non-plug and play drivers) active. They should all be gone now.

Then try to reinstall As Administrator.

NOD32 is really the first software that knocked my PC off. I haven't seen BSOD in years, but apparently eset did it. Unistalled until the issue is fully fixed.

Wish I'd found this forum before installing SP2. It came out via windows update so I thought it was safe, I read the list of programs unsupported, and NOD wasn't listed, so I went ahead.

So far I've not had BSOD, but I do get the red icon and "a serious error occured when loading real time protection". This was with 4.0.424, but I now have .437 off the site and still the same problem. I did uninstall 424 and reboot before installing 437

This really is a shambles if its been going on this long, and ESET haven't found a fix, or even acknowledged the problem in their knowledgebase which I have also searched this evening.

I will try a system restore, and then the "msi as admin" process as listed above, and if that doesn't work will have to consider a new AV package!

Alan

That's exactly the same error message I'm getting!

I have read all this with interest, but I am at a loss to understand it. I have installed SP2 on Vista 64 bit, i neither disabled, uninstalled, or did anything with Nod v4 . I just works...

It seems amazing that so many systems seem to have problems with this.

Does anypone have n idea why some system are affected and others ( most? ) are not?

Bernard

ESET has really dropped the ball on this one

{QUOTE-> I have read all this with interest, but I am at a loss to understand it. I have installed SP2 on Vista 64 bit, i neither disabled, uninstalled, or did anything with Nod v4 . I just works...

It seems amazing that so many systems seem to have problems with this.

Does anypone have n idea why some system are affected and others ( most? ) are not?

Bernard <-QUOTE}
thats probably what eset is trying to figure out. I'm surprised there is no fix yet.

{QUOTE-> I have read all this with interest, but I am at a loss to understand it. I have installed SP2 on Vista 64 bit, i neither disabled, uninstalled, or did anything with Nod v4 . I just works...

It seems amazing that so many systems seem to have problems with this.

Does anypone have n idea why some system are affected and others ( most? ) are not?

Bernard <-QUOTE}

i am guessing it is UAC related somehow with vista 64 bit

I upgraded to SP2 (x86) while using 4.0.314.0 and I had no problems.

It seems to be a permissions problem, I didn't have any problems either until i tried to uninstall ESS with SP2 installed, that's when I started seeing the same problems others have been reporting, it requires going into safe mode to uninstall, I decided to completely uninstall ESS, I would hate to think what would happen if an infection came along, with the permissions all messed up, would ESS be able to remove anything? I didn't want a totally trashed system, fortunately I have a license to another AV which I won't mention and doesn't seem to be affected in anyway by what service pack is installed, I don't wish to turn this into an Eset thrashing thread, on the other hand I am not sure this is Eset's fault, they didn't change anything, Microsoft did. But then again, there are other AVs that this issue doesn't seem to affect so I don't know what the problem is but ESS and NOD32 obviously don't seem to play well with SP2.

on the other hand, it' not just Eset that appears to have a problem, as I said I don't have any problem with it. Several other security programs seem to be affected too

see:http://support.microsoft.com/kb/969707

Heat's post at #117 did the trick for me.

I installed SP2 on a Vista Ultimate box, got the BSOD. Restarted box, re-installed SP2 (with NOD running). Install of SP2 went like clockwork but on restart real time scanning was disabled.

I tried repairing the NOD install and re-installing but nothing worked.

Followed #117 and all is good again :)

Cheers for that Heat/Metallian.

Why does the icon turn red after installing Service Pack 2 for Microsoft Windows Vista and Windows Server 2008? (4.0) (http://kb.eset.com/esetkb/index?page=content&id=SOLN2254)

{QUOTE-> Heat's post at #117 did the trick for me.

I installed SP2 on a Vista Ultimate box, got the BSOD. Restarted box, re-installed SP2 (with NOD running). Install of SP2 went like clockwork but on restart real time scanning was disabled.

I tried repairing the NOD install and re-installing but nothing worked.

Followed #117 and all is good again :)

Cheers for that Heat/Metallian. <-QUOTE}

Same here, it worked on 2 laptops so far, holding off on the other 2 until a more permanent fix is available.

{QUOTE-> Why does the icon turn red after installing Service Pack 2 for Microsoft Windows Vista and Windows Server 2008? (4.0) (http://kb.eset.com/esetkb/index?page=content&id=SOLN2254) <-QUOTE}
So basically right now ESET is recommending downgrading to v3.0. I assume this means the problems with ESET NOD32 Antivirus and Windows Vista SP2 are v4.0 related only.

I haven't upgraded to v4.0 yet - I'm still on v3.0 - so downloading Vista SP2 wouldn't effect me?

{QUOTE-> An incompatibily between Service Pack 2 and the 4.0 versions of ESET Smart Security and ESET NOD32 Antivirus prevents the proper functioning of real-time file-system protection. <-QUOTE}Only Version 4 is mentioned for compatibility issues.

{QUOTE-> Only Version 4 is mentioned for compatibility issues. <-QUOTE}
Thanks Ronjor, I was just confirming.

I will probably wait anyways on upgrading to both Windows Vista SP2 and ESET NOD32 Antivirus v4.0 until the problems are solved.

Yap, version 4 seem to be problematic. My wife has ESS v3, yesterday I have installed SP2 on her laptop, ESS works as a charm. I'm thinking to switch back to NOD32 v3 until this is resolved.

One thing I don't understand is, if v3 works ok, how come they didn't implement this is v4. I always thought new version should give you additional benefits plus better compatibility.

{QUOTE-> Why does the icon turn red after installing Service Pack 2 for Microsoft Windows Vista and Windows Server 2008? (4.0) (http://kb.eset.com/esetkb/index?page=content&id=SOLN2254) <-QUOTE}

So, it's rather serious issue if ESET offers using V3 until they come up with solution.

Cheers,
Miki

From yesterday Vista SP2 is available and proposed to everyone on Windows/Microsoft Update.

I hope that soon there will be a real solution, not a downgrade. >:(

I am really bored to see eset icon in my PC working like a traffic light and to be exposed to potential infections. :thumbd:

{QUOTE-> From yesterday Vista SP2 is available and proposed to everyone on Windows/Microsoft Update.

I hope that soon there will be a real solution, not a downgrade. >:(

I am really bored to see eset icon in my PC working like a traffic light and to be exposed to potential infections. :thumbd: <-QUOTE}

Please try this:

http://www.wilderssecurity.com/showpost.php?p=1474933&postcount=117

{QUOTE-> One thing I don't understand is, if v3 works ok, how come they didn't implement this is v4. I always thought new version should give you additional benefits plus better compatibility. <-QUOTE}

it's the same as with cars: new version = more features = more to go wrong ;)

it's quite weird, bragging about new version (v4) and then "advise" consumers to downgrade to v3. It's silent admittance v4 is nowhere near final version. How come V3 works without any issues with SP2, and it's not designed for SP2 in a first place.

ps. and why the hell spell check doesn't work in quick quote in FF (it works in advanced edit though)? Works ok in Safari 4 (or maybe it's just me).

Cheers,
Miki

A couple of days ago, I installed SP2 on my Vista Premium 32bit, without disabling or uninstalling NOD32 4.0.314
It just worked like a dream and I do not seem to have any compatibility problems. My UAC is also permanently on.......;)

{QUOTE-> it's quite weird, bragging about new version (v4) and then "advise" consumers to downgrade to v3. It's silent admittance v4 is nowhere near final version. How come V3 works without any issues with SP2, and it's not designed for SP2 in a first place. <-QUOTE}
I believe the feature that cause problem with SP2 is a new feature in v4 and this features does not exist in v3. That's probably why v3 is not affected. It's impossible to create a product that is 100% guaranteed to be working with any future servicepack. We seen similar problems with servicepacks in the past for several other products as well. To advise customers to downgrade as a workaround until fixed is pretty common and better then telling the customers to be unprotected.
I think maybe Eset could have fixed this problem at a earlier point and few people would have noticed this issue at all, but I don't think it's fair to blame Eset for not creating a product that works with any future servicepack. I also think Eset should make a public statement about such problems at a earlier point.

{QUOTE-> Why does the icon turn red after installing Service Pack 2 for Microsoft Windows Vista and Windows Server 2008? (4.0) (http://kb.eset.com/esetkb/index?page=content&id=SOLN2254) <-QUOTE}
That KB needs to be revised and mention the removal of folders in SafeMode. Because of the permission issue they can't be removed otherwise.

{QUOTE-> I believe the feature that cause problem with SP2 is a new feature in v4 and this features does not exist in v3. That's probably why v3 is not affected. It's impossible to create a product that is 100% guaranteed to be working with any future servicepack. We seen similar problems with servicepacks in the past for several other products as well. To advise customers to downgrade as a workaround until fixed is pretty common and better then telling the customers to be unprotected.
I think maybe Eset could have fixed this problem at a earlier point and few people would have noticed this issue at all, but I don't think it's fair to blame Eset for not creating a product that works with any future servicepack. I also think Eset should make a public statement about such problems at a earlier point. <-QUOTE}

Sorry, but I disagree. v4 was causing troubles even with SP1 (http pop module error) and v4 was introduced much after SP1 was released, and still it didn't work properly (unlike v3). So they have released product unfinished if you ask me, as those errors were reported in Beta stage as discussed here and in other threads. Not to mention tremendous issues with ESS internet drops... My belief is they rushed out with v4 (both NOD and ESS) and now this is coming back to them.

Now don't get me wrong, I've been using NOD32 for the past 5-6 years, and if I haven't been such a great fan of NOD32, it would be long gone from my laptop, as my thinking is "if something bothers you replace it".

Cheers,
Miki

I haven't read every page of this thread as I'm not personally affectecd by this issue.

However, in case it hasn't already been mentioned, here's a link to a MS KB article listing the programs they acknowledge have been affected by this SP; http://support.microsoft.com/default.aspx?scid=kb;en-us;969707

Clearly this is of no help to posters here, but it does demonstrate that Eset are not the only company 'caught out' by this patch.

{QUOTE-> I haven't read every page of this thread as I'm not personally affectecd by this issue.

However, in case it hasn't already been mentioned, here's a link to a MS KB article listing the programs they acknowledge have been affected by this SP; http://support.microsoft.com/default.aspx?scid=kb;en-us;969707

Clearly this is of no help to posters here, but it does demonstrate that Eset are not the only company 'caught out' by this patch. <-QUOTE}

Yes, but they released allready newer versions >:(

let's see how fast ESET folks will act/react on this

{QUOTE-> let's see how fast ESET folks will act/react on this <-QUOTE}

One thing is sure, + 2 weeks for the translation.
The good thing is we no longer need to wait for the German .437 ;)

{QUOTE-> Sorry, but I disagree. v4 was causing troubles even with SP1 (http pop module error) and v4 was introduced much after SP1 was released, and still it didn't work properly (unlike v3). So they have released product unfinished if you ask me, as those errors were reported in Beta stage as discussed here and in other threads. Not to mention tremendous issues with ESS internet drops... My belief is they rushed out with v4 (both NOD and ESS) and now this is coming back to them.

Now don't get me wrong, I've been using NOD32 for the past 5-6 years, and if I haven't been such a great fan of NOD32, it would be long gone from my laptop, as my thinking is "if something bothers you replace it".

Cheers,
Miki <-QUOTE}
Well i do not disagree, but i was referring to this the topic of this thread and the SP2 issue. I still believe that a product cannot be guaranteed to work with future servicepacks and this is acceptable as long as it's fixed within a reasonable timeframe. This kind of problems is not unique for Eset. This statement is based on the SP2 issue only.

The other issues you describe been discussed in other threads, but i agree with your comments. Even if this might not be directly related to this thread i believe Eset have some general issues they should sort out like the lack of feedback and slow development of their products. It's a great product, but if you have some sort of a problem and find a bug it sometimes take very long for Eset to fix the problem without any feedback. Also you would expect that a bug reported at the beta stage should be sorted out before the release. I found issues at the beta stage and reported the issue to Eset, but still not fixed. All of this might not belong to this thread though since this thread is about the SP2 compatibility issues.

Over the last few days and numerous reboots NOD32 is working totally fine without any errors or red icons.
I did not install it in any specific way, I did not run installation as admin.
But it works fine. I don't know why though :) Maybe ESET have updated it? Antivirus scanner module is date 05.27

the program itself cannot be updated with the virus signatures. you have to download new version and install it to new build

{QUOTE-> Well i do not disagree, but i was referring to this the topic of this thread and the SP2 issue. I still believe that a product cannot be guaranteed to work with future servicepacks and this is acceptable as long as it's fixed within a reasonable timeframe. This kind of problems is not unique for Eset. This statement is based on the SP2 issue only.

The other issues you describe been discussed in other threads, but i agree with your comments. Even if this might not be directly related to this thread i believe Eset have some general issues they should sort out like the lack of feedback and slow development of their products. It's a great product, but if you have some sort of a problem and find a bug it sometimes take very long for Eset to fix the problem without any feedback. Also you would expect that a bug reported at the beta stage should be sorted out before the release. I found issues at the beta stage and reported the issue to Eset, but still not fixed. All of this might not belong to this thread though since this thread is about the SP2 compatibility issues. <-QUOTE}


ESET has had plenty of time to test this. it is not like microsoft just dropped SP2 out of the blue unannounced.

{QUOTE-> ESET has had plenty of time to test this. it is not like microsoft just dropped SP2 out of the blue unannounced. <-QUOTE}
Who said they never did test their products with SP2? Maybe an early build of SP2 didn't cause this problem or maybe they never had any such problem during the testing? Some users reported that they have no problem with SP2 so it's not like this problem happen to all SP2 users. I had some problems in the beginning and suddenly i managed to install nod32 without any problems and even did a upgrade to the latest build without any issues. For the record i use Vista x64 with SP2.

I guess there is reason why Eset ask the users with issues to help them out by providing info. If they could reproduce this problem on any PC running SP2 i guess they wouldn't need that kind of help. So i still say that issues with a new servicepack could be acceptable as long as fixed within a reasonable timeframe. Also provide the customers with info regarding issues and when expected to be fixed is a good way to treat customers.

I'm not putting the blame on the nod32/ess users here, but i also have to say i'm surprised why some have to install a brand new SP on a production system without getting a confirmation that other software installed actually support the new SP. There is a reason why most larger companies never do such a thing. If being the first to install a new servicepacks you also have accept that compatibility issues might occur. If a working computer is critical it's a good idea to not be the first one. For most people SP2 is not critical to get installed at this point so there is actually no rush.

I installed SP2 pretty fast after creating a image backup of my computer and i was ready to accept compatilibity issues or i would never choose to install SP2 as this point. Worst case would be a restore of my computer, but didn't have to do that.

You obviously disagree, but it's only my opinion. I belive Eset deserve some critic, but also think some of the critic is unfair since there is a lot of complaining in this forum. After reading comments from some users in this forum i find it hard to understand why they still use nod32/ess since it sounds like it's the worst thing that ever happened to them. I'm not referring to you in case there should be any doubt. Also this comments are mainly based on the topic of this thread which is nod32/ess and Vista SP2.

I can't speak for everyone obviously but while I may criticize Eset, it's in hopes of making ESS/EAV a better product, I have used quite a few AVs over the years and always end up coming back, for my needs and IMHO it's the best the product out there, but that doesn't mean it couldn't use some improvements.

As for the SP2 debacle, I don't really blame Eset for this fiasco, yes SP2 well advertized and went through a beta and RC test cycle, but from what I can tell something changed at the last minute, from their own "notable changes in SP2" page released Sunday, a mere 2 days before release, they said Home users with up to date systems should only receive a small download;

"However, most home and small business users will receive SP2 through Windows Update, which utilizes an efficient transfer mechanism to download only the actual bytes that are changed, resulting in an approximately 43 megabyte (MB) download." (On my up to date system I received 339MB, not quite the modest download promised)

Further descriptions about it said;
"From a functional standpoint, SP2 is nothing like Windows Vista SP1. That is, it does not include major functional, reliability, and performance improvements. Instead, SP2 is largely a traditional service pack, aggregating all of the hot-fixes and other updates that Microsoft has released since SP1. (And yes, as a result, SP1 is a prerequisite for installing SP2.) That means that Vista/Server 2008 SP2 systems should be almost completely compatible with software and drivers written for Vista, Vista SP1, and Server 2008." (we heard this before too, Remember, If it works on XP, it will work on Vista, trust us);D

Suddenly now that it is out for a few days comes news that it contains 843 "NEW" fixes and features and there is apparently quite a bit more than "all the other patches/hot fixes that MS has released since SP1", I think the blame lies with MS. One of the "NEW FEATURES" is a new DRM management feature, which the implementation of has created problems in the past in previous OSes from MS, but hey, we can't short change Hollywood or the Music industry (Sorry if we mucked up your computer, but IceT needs a another mansion ya know ::)), this wouldn't be the first time MS screwed Software Vendors, that's for sure.

{QUOTE-> I can't speak for everyone obviously but while I may criticize Eset, it's in hopes of making ESS/EAV a better product, I have used quite a few AVs over the years and always end up coming back, for my needs and IMHO it's the best the product out there, but that doesn't mean it couldn't use some improvements.

As for the SP2 debacle, I don't really blame Eset for this fiasco, yes SP2 well advertized and went through a beta and RC test cycle, but from what I can tell something changed at the last minute, from their own "notable changes in SP2" page released Sunday, a mere 2 days before release, they said Home users with up to date systems should only receive a small download;

"However, most home and small business users will receive SP2 through Windows Update, which utilizes an efficient transfer mechanism to download only the actual bytes that are changed, resulting in an approximately 43 megabyte (MB) download." (On my up to date system I received 339MB, not quite the modest download promised)

Further descriptions about it said;
"From a functional standpoint, SP2 is nothing like Windows Vista SP1. That is, it does not include major functional, reliability, and performance improvements. Instead, SP2 is largely a traditional service pack, aggregating all of the hot-fixes and other updates that Microsoft has released since SP1. (And yes, as a result, SP1 is a prerequisite for installing SP2.) That means that Vista/Server 2008 SP2 systems should be almost completely compatible with software and drivers written for Vista, Vista SP1, and Server 2008." (we heard this before too, Remember, If it works on XP, it will work on Vista, trust us);D

Suddenly now that it is out for a few days comes news that it contains 843 "NEW" fixes and features and there is apparently quite a bit more than "all the other patches/hot fixes that MS has released since SP1", I think the blame lies with MS. One of the "NEW FEATURES" is a new DRM management feature, which the implementation of has created problems in the past in previous OSes from MS, but hey, we can't short change Hollywood or the Music industry (Sorry if we mucked up your computer, but IceT needs a another mansion ya know ::)), this wouldn't be the first time MS screwed Software Vendors, that's for sure. <-QUOTE}
What you say makes sence except... the problems people were experiencing happened weeks before Windows Vista SP2 was released, not 2 days. So those changes in the SP may not have made a difference.

They had months to test Windows Vista SP2. I think the Beta was in December, the RC shortly after that, and the RTM (before Windows Update) a month ago. The final version of EAV/ESS v4 was out in early March. So they could have tested SP2 and made it compatible with v4 before v4 went into it's final release version, just like they did when Windows Vista was originally launched and Windows XP SP3 was released.

NOD32 v4 worked fine when I tried it with SP2 RC FYI! Only with teh final build it doesn't work!

I can report that Nod32 v2.7 is working fine with Vista SP2 on the one computer that I have risked it with...

still no update

Hi,

In this post I explained a possible solution:

http://www.wilderssecurity.com/showpost.php?p=1474933&postcount=117

I have tried this on a Virtual Machine, a desktop and a laptop. This solution works on the Virtual Machine and on the desktop, but it didn't work on my laptop. Red icon and warning about realtime protection. I tried to uninstall Eset 4.0.437, but it got stuck during uninstalling the drivers. I also couldn't shutdown properly, so I had to do a hard reset. I was afraid I totally messed it up, because it didn't even want to boot in safe-mode. After a couple of retries I was able to boot again. I had to uninstall all the drivers manually, remove folders and registry-keys. I was then able to reinstall Eset 3.0.684.

I just wanted to mention that, so you know you could end up messing things up. I'm not going to try this anymore. I will use Eset 3 for now and I'll wait for Eset to fix version 4.

looks like ESET has acknowledged the problem here http://www.eset.com/support/news.php with a FAQ here http://kb.eset.com/esetkb/index?page=content&id=NEWS30 step in the right direction.

in reading the FAQ they say that the problem will be fixed automaticly via the update process. i checked my file versions and seen this just now Antivirus and antispyware scanner module: 1217 (20090529) which is today's date. hopefully that is the fix

{QUOTE-> in reading the FAQ they say that the problem will be fixed automatically via the update process. i checked my file versions and seen this just now Antivirus and antispyware scanner module: 1217 (20090529) which is today's date. hopefully that is the fix <-QUOTE}

Nope, I keep getting the error message. They need to update Self-defense module (dated 20081105) and Anti-stealth module (dated 20091504) according to their FAQ (temp solution is to disable them). And here is description for those modules, what they actually do:

Self-Defense – built-in technology to prevent malicious software from corrupting or disabling the system’s security
Integrated Anti-Stealth – advanced technology to protect against rootkits

Which makes me wonder if you disable them, do you still get Maximum protection or your security is compromised?

damn, thanx for the info :)

For now, I'm not installing Vista SP2.

{QUOTE-> For now, I'm not installing Vista SP2. <-QUOTE}

Same, I'll wait for the all clear. But I thought this fix would require a PCU? I guess we will see.

A little suggestion for time being...

Windows Service Pack Blocker Tool Kit

http://www.microsoft.com/downloads/details.aspx?familyid=d7c9a07a-5267-4bd6-87d0-e2a72099edb7&displaylang=en

{QUOTE-> A little suggestion for time being...

Windows Service Pack Blocker Tool Kit <-QUOTE}

Or this:
209315


;D

I have forgotten how nice v3's GUI is compared to v4's (until I installed it again - just kidding)

{QUOTE-> A little suggestion for time being...

Windows Service Pack Blocker Tool Kit

http://www.microsoft.com/downloads/details.aspx?familyid=d7c9a07a-5267-4bd6-87d0-e2a72099edb7&displaylang=en <-QUOTE}

Why a Blocker Tool Kit? You need to agree the licence, otherwise it doesn't install.

{QUOTE-> Why a Blocker Tool Kit? You need to agree the licence, otherwise it doesn't install. <-QUOTE}
The blocker toolkit is especially useful for companies and corporate customers in this case. Then the IT department can make sure the users do not get SP2 via Windows Update. It's easier then tell everyone to not install SP2 and hope for them to follow the advice. For a home user aware of the SP2/nod32 v4 problem then i'm sure a blocker toolkit won't be needed.

Check your build version, I had the SP2 issue, and its now fixed on my systems.

Eset released a new build a week ago that appears to resolve the issue (at least for me). Build release date may 20th, 2009 (build 4.0.437)
Suggest all of you with build 314/417/424 update your version to 437 here (build must be downloaded):
(note- before you install be sure to export the NOD32 4 config settings, and then install and import the config)

http://www.eset.com/download/home-64bit.php
http://www.eset.com/download/registered_software.php (32-bit)


I installed the build on all our computers, and the issue has yet to reoccur on any of them. No more red icon at startup due to real time protection failure.

{QUOTE-> Fix for SP2 and NOD32 4

Check your build version, I had the SP2 issue, and its now fixed on my systems.

Eset released a new build a week ago that appears to resolve the issue. Build release date may 20th, 2009 (build 4.0.437)
Suggest all of you with build 314/417/424 update your version to 437 here (build must be downloaded):
(note- before you install be sure to export the NOD32 4 config settings, and then install and import the config)

http://www.eset.com/download/home-64bit.php
http://www.eset.com/download/registered_software.php (32-bit)


I installed the build on all our computers, and the issue has yet to reoccur on any of them. No more red icon at startup due to real time protection failure. <-QUOTE}

Wrong

Sorry, ur solution is not the right one, the problem happens with that build too.

{QUOTE-> This is the problem that occured, and the above post tells you how to fix it.

Error recieved when NOD32 4 real time file system protection failed to enable:
Application 'C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe' ( pid 2388 ) cannot be restarted - Application SID does not match Conductor SID

Vista automatically checks for valid author certificates and Information when running a program, Corruption like this can occur after a Operating System upgrade. <-QUOTE}
I believe the issue you had with nod32 is either related to some other problem or it's just a coincidence that it's working after the upgrade to the latest build. A lot of people already tried a upgrade to the latest build and have the same problem. Also Eset confirmed there is some problem with nod32 and SP2 in the latest build of nod32 v4.

{QUOTE-> Check your build version, I had the SP2 issue, and its now fixed on my systems.

Eset released a new build a week ago that appears to resolve the issue (at least for me). Build release date may 20th, 2009 (build 4.0.437)
Suggest all of you with build 314/417/424 update your version to 437 here (build must be downloaded):
(note- before you install be sure to export the NOD32 4 config settings, and then install and import the config)

http://www.eset.com/download/home-64bit.php
http://www.eset.com/download/registered_software.php (32-bit)


I installed the build on all our computers, and the issue has yet to reoccur on any of them. No more red icon at startup due to real time protection failure. <-QUOTE}


look at post #164 it tells you what needs fixed. it is still not fixed as of yet.

I installed Service Pack 2 and everything is fine. Here is what I did.

I have Vista 64 Home Premium.

1. I upgraded NOD32 Antivirus to 4.0.437.0

2. I unchecked (disabled) Anti-Stealth technology and Self-defense from within Advanced setup from the Antivirus and antispyware screen

3. I did not reboot

4. I installed Service Pack 2 from Windows Update

5. Once the Service Pack installed and I was able to log in I checked (enabled) Anti-Stealth technology

6. I rebooted

7. Upon log in I checked (enabled) Self-defense

8. I rebooted

9. Everything came up fine and NOD32 is green and no BSOD's

I don't know if my procedure had anything to do with anything but it worked for me.

i did a clean install of vista with SP2 integrated then installed NOD32 and am having the disable problem

{QUOTE-> i did a clean install of vista with SP2 integrated then installed NOD32 and am having the disable problem <-QUOTE}

I was just looking at some of the other threads here that deal with this problem, and they seem to think it is a Permissions issue. Has anyone tried running under the Built in Admin Account, to see if the app runs normally, and without disablement at restart?

http://www.wilderssecurity.com/showthread.php?t=241416


If this is the case, then that would explain the discrepancy between why some have the issue and others do not. Windows Admin/User corruption occured during (or prior to) SP2 installation. it would also explain why I was able to fix my issue by reinstallation and running sfc /scannow, which would scan all protected Windows files to verify their versions have not been overwritten or damaged, and if so will replace the compromised version with a fresh copy.

Corrupt Admin User accounts can be fixed though, and permissions restored. In the big picture though, If there is exisiting User corruption then you have bigger problems than just the NOD32 issue, you just havent noticed it yet.


To run the built in Admin:
In the elevated command prompt, type net user administrator /active:yes and press Enter

To disable the built in Admin:
In the elevated command prompt, type net user administrator /active:no and press Enter

Anyone want to give it a try, and post the results?

{QUOTE-> I was just looking at some of the other threads here that deal with this problem, and they seem to think it is a Permissions issue. Has anyone tried running under the Built in Admin Account, to see if the app runs normally, and without disablement at restart? <-QUOTE}
I believe some people suspect it's a permission issue because of UAC. Several people reported they have UAC disabled including myself and when UAC is completely disabled a user account with admin privilege will have the same privilege level as the administrator account. Several people tried running the installer as a admin and some said it worked out fine and others had the same problem. Some said it worked fine, but then later posted and said the problem is back. The results are posted already.

As already confirmed by Eset there is some issues with Vista SP2 and Nod32 v4. It's not like those with issues are doing something wrong. Of course people are free to try installing nod32 as many times as they want, but it's pretty potinless when the developer of the software confirm there is a problem with SP2 and nod32 v4. Wait for the next build of nod32 v4 is probably the best thing to do unless you have a lot of spare time.

{QUOTE-> I believe some people suspect it's a permission issue because of UAC. Several people reported they have UAC disabled including myself and when UAC is completely disabled a user account with admin privilege will have the same privilege level as the administrator account. Several people tried running the installer as a admin and some said it worked out fine and others had the same problem. Some said it worked fine, but then later posted and said the problem is back. The results are posted already.

As already confirmed by Eset there is some issues with Vista SP2 and Nod32 v4. It's not like those with issues are doing something wrong. Of course people are free to try installing nod32 as many times as they want, but it's pretty potinless when the developer of the software confirm there is a problem with SP2 and nod32 v4. Wait for the next build of nod32 v4 is probably the best thing to do unless you have a lot of spare time. <-QUOTE}

Perhaps that is the case then. Good luck to all of you with the issue.

ps- according to the Eset kb, the "fix" will be provided in the automatic updates, so new build installation may not be required.

How will the fix be delivered?
The current plan is to provide the fix via normal update channels, which means it will be downloaded and installed automatically by all copies of ESET Smart Security 4.0 and ESET NOD32 Antivirus 4.0, without any need for a computer restart or user intervention.

He can't understand that if the solution was so easy, Eset had already figured it out. But is funny to see him trying different "solutions", even knowing that it won't work for all people.

{QUOTE-> He can't understand that if the solution was so easy, Eset had already figured it out. But is funny to see him trying different "solutions", even knowing that it won't work for all people. <-QUOTE}

Maybe not, but its worked for quite a few...and in the end thats all that counts. Even, if for the sake of argument the underlying issue is still there, it doesnt manifest itself, and it makes the app fully functional.

{QUOTE-> Maybe not, but its worked for quite a few...and in the end thats all that counts. <-QUOTE}

So Nod32 has only to work for quite a few, i feel sorry for you if you think that's the way it has to be.

By the way, i see u deleted the other solutions u had, why did u do that? they could have worked for quite a few :)

Well I have been following this thread all week and I have not any problems with Vista SP2 & NOD32 v4.0.437.0

Dell XPS M1710 Intel Mobile Core 2 Duo 2.33MHz T7600G with 3GB of DDR2 677MHz ram.

I just installed SP2 from windows update & I didn't turn nothing off and that's it! So it is not everyone that is having this problem ;)

TH

to be honest I don't believe it's only about permissions. I have UAC on, many times NOD32 would start without any problems, but sometimes I keep getting red icon, and need to reset laptop to correct this. To me, it's more like some modules struggle with Vista. I also want to point out that " POP3 HTTP" error was even with SP1 (from time to time), and ESET never offered solution to this problem besides reinstall which didn't solve the problem for me.

Cheers,
Miki

{QUOTE-> Well I have been following this thread all week and I have not any problems with Vista SP2 & NOD32 v4.0.437.0

Dell XPS M1710 Itel Mobile Core 2 Duo 2.33MHz T7600G with 3GB of DDR2 677MHz ram.

I just installed SP2 from windows update & I didn't turn nothing off and that's it! So it is not everyone that is having this problem ;)

TH <-QUOTE}


I think it's mostly x64 users experiencing the problem. Are you x64 or x86?

{QUOTE-> I think it's mostly x64 users experiencing the problem. Are you x64 or x86? <-QUOTE}

x86 ;) and not only http://www.wilderssecurity.com/showpost.php?p=1469990&postcount=48

TIA,

TH

Here's my experience with Vista SP2:

I have UAC always disabled as its annoying and useless to me, I know what I run and what im doing.

I installed SP2

Got the warning from NOD32 (red icon)

restarted

working like a charm now :)

Well I did too restart and then it works, util next time. Solution (restart) is not permanent.

{QUOTE-> Well I did too restart and then it works, util next time. Solution (restart) is not permanent. <-QUOTE}
I just restarted after you telling me this, being paranoid, but guess what? it is still working, so this is permanent provided you always have UAC disabled which is my case, I hate UAC, it is useless and annoying, I know what I run and don't need anyone to tell me that something is dangerous or trying to alter the system or not.

{QUOTE-> I think it's mostly x64 users experiencing the problem. Are you x64 or x86? <-QUOTE}

Just an FYI... I am running Vista 64

{QUOTE-> Just an FYI... I am running Vista 64 <-QUOTE}

If you had taken 1 second to read my signature you would've known. I am using Windows Vista Business (64-Bit)

{QUOTE-> If you had taken 1 second to read my signature you would've known. I am using Windows Vista Business (64-Bit) <-QUOTE}

Not sure why you replied to me. I'm just stating I am running Vista 64. I wasn't referring to you, more jimwillsher since he said 64 bit had issues. Just stating that I am running 64 bit and no issues.

{QUOTE-> Not sure why you replied to me. I'm just stating I am running Vista 64. I wasn't referring to you, more jimwillsher since he said 64 bit had issues. Just stating that I am running 64 bit and no issues. <-QUOTE}


oh ok Vista 64 bit FTW

{QUOTE-> If you had taken 1 second to read my signature you would've known. I am using Windows Vista Business (64-Bit) <-QUOTE}

That just shows that many people don't bother reading sigs, especially long ones, as they're usually useless quotes and stuff.

It's plain that not everyone is experiencing the issues, but clearly some are. When I tried it I had UAC disabled (first thing I do on a Vista install is disable UAC) and I got a BSOD during stage 3 of the SP2 install.

I've now got a slipstreamed SP2 install ISO, so if I get the chance I'll try installing V4 on a new slipstreamed SP2 installation. Though I'm so pleased with the Win7 RC installation (with ESET V4) that I might just stick to Win7 anyway.


Jim

{QUOTE-> I just restarted after you telling me this, being paranoid, but guess what? it is still working, so this is permanent provided you always have UAC disabled which is my case, I hate UAC, it is useless and annoying, I know what I run and don't need anyone to tell me that something is dangerous or trying to alter the system or not. <-QUOTE}

FYI the issue is extremely intermittent. Two reboots is nowhere near enough to prove that the issue is permanently resolved. I only had it approximately one in every 10-15 reboots.

Like you, I also have UAC permanently disabled, and always have done.

Hi,

Next link resolve problem: http://kb.eset.com/esetkb/index?page=content&id=NEWS30



cumps

{QUOTE-> FYI the issue is extremely intermittent. Two reboots is nowhere near enough to prove that the issue is permanently resolved. I only had it approximately one in every 10-15 reboots. <-QUOTE}

That's what I'm telling people. For the moment (last 3 days) I don't have any issue, but before that I had to restart NOD32 few times to make it work. I also want to point out 2 types of errors:

1. a serious error occurred when loading real time protection, so NOD32 will not work at all (had it twice with SP2, never with SP1)
2. Analysis of application protocols will not function - HTTP POP3 error (had it with both SP1 and SP2)

Restart seem to "solve" the problems until next occurrence.

I'm on Vista Business 32bit SP2

Nodyforever, it's more like temp solution/ workaround, but it raises another security question:
http://www.wilderssecurity.com/showpost.php?p=1476540&postcount=164

Cheers,
Miki

{QUOTE-> If you had taken 1 second to read my signature you would've known. I am using Windows Vista Business (64-Bit) <-QUOTE}

Perhaps you (like probably 99.9% of other posters) had the SP2/NOD43x4 experience on another computer other than the one in your sig. Some people work on computers other than the one in their sig. ;)

I tried v4 on 1x of my Vista rigs..my laptop, very clean minimal installation, like others mentioned here....step 3 was the issue for me, she bluescreened with an Eset system file, I went into safe mode right away to go uninstall NOD, while going into safe mode step 3 continued on...appeared to complete..and then said it failed to install (due to safe mode), and it rolled back. I uninstalled NOD and redid the service pack...installed smoothly. AntiVir is on there for now.

Most disturbing....compatibility between software products and major OS releases is one of the reasons they are released to software developers way ahead of release time to the public.

A fix for the SP2 issue problem is currently being distributed to those with "test mode" enabled in the update setup. After a couple of days, it will be distributed to other users who update from regular update servers.

{QUOTE-> A fix for the SP2 issue problem is currently being distributed to those with "test mode" enabled in the update setup. After a couple of days, it will be distributed to other users who update from regular update servers. <-QUOTE}Fantastic news Marcos, many thanks for the update. Fingers crossed!


Jim

{QUOTE-> A fix for the SP2 issue problem is currently being distributed to those with "test mode" enabled in the update setup. <-QUOTE}
Changed to test mode and it updated the program modules. Are these new versions?

Virus signature database: 4118 (20090601)
Update module: 1028 (20090302)
Antivirus and antispyware scanner module: 1218 (20090601)
Advanced heuristics module: 1092 (20090309)
Archive support module: 1095 (20090525)
Cleaner module: 1040 (20090401)
Anti-Stealth support module: 1012 (20090526)
Personal firewall module: 1046 (20090429)
Antispam module: 1011 (20090114)
SysInspector module: 1212 (20090414)
Self-defense support module : 1006 (20090513)

Anti-Stealth support module: 1012 (20090526)
Self-defense support module : 1006 (20090513)

are new and don't seem to be downloaded to those of us without test mode enabled.

yap, those two are new. Any improvements?

i realised that i need to keep updates on test mode until the regular update catches up because when i disabled it, it reverted the modules to previous version and that dreaded red screen showed up (anti stealth is on). So back to test update again, restart and all is working again :)

As for the improvements nothing that i can see unless the above indicates that it fixes the permission issue which i think that it does (on a hunch) ;)

Thanks mate, I hope ESET will come with full changelog description.

I talked to a friend of mine at vistax64 who is a programmer/coder and this is what he says
About the issue, and why it may affect all systems differently, or not all all.
He suspects Eset was being naughty, and attempted to hook opaque non-API functions in the kernel that SP2 then changed.

Patchguard and signed third party kernel code
Microsoft has attempted to exert greater control over approved third party code by introducing
Kernel Mode Code Signing in Windows Vista that mandates digitally signed kernel code, and has
also introduced PatchGuard on 64-bit versions of Windows to limit the modification of kernel code
and data structures. This does not prevent hooking of certain kernel data structures though, most
importantly the objects stored in the object directory (such as device, driver, or port objects) which
still allows kernel functionality to be hooked and file system or network requests and responses to
be modified as desired.



Re: SP2 issue
Hello Rive,

I read through the thread and the Eset KB article, but I don't have any answers for you. I'll think out loud for a bit though...

The Eset KB article does not offer any explanation for what the problem may be - they merely discuss workarounds. However, given one of their suggestions is a rollback to version 3.0 of their product, it's obvious that version 4.0 tries to do something substantially different.

A bit of background:

The kernel offers specialised API "hooks" where AV software can attach itself legitimately. Those functions are meant to be immutable - should a Windows SP somehow change them, that would constitue an MS problem which affects a multitude of AV products from different vendors. That's not the case here though. Instead, what's likely happening is that Eset are getting a bit adventurous and hooking non-API functions to varying degrees in different versions of their products. Many AV vendors do that, usually because they feel constrained by having to use the same APIs as their competitors, so in order to gain an advantage that looks good in a brochure (additional forms of "protection" not offered by their competitors), they'll sometimes run the risk of hooking non-API functions.

The problem is that those functions may change in a hotfix or SP. It doesn't take much for that interface to break down; for example, a function that used to return a dword parameter now returns a quad-word, and that is enough to completely throw into disarray any hooking software which expects a dword. In this case, that's very probably what happened... Eset 4.0 was hooking non-APIs and that's a little naughty. SP2 comes along and sufficiently alters the functions being hooked to cause Eset 4.0 to break down. Eset techs scratch their heads. It takes a week or two for Eset HQ to find their top 2 or 3 development resources and to say "you're on this until it's fixed - TOP PRIORITY!", and even then they don't really know how to fix it until they've analyzed (under a debugger) all of the SP2 modifications to the non-API functions that they've been hooking, and just exactly why their previous assumptions are now broken. Remember that MS is not publishing detailed info about those non-API functions... they are meant to be "opaque".

It's entirely possible that there's more than one underlying cause for the breakdown. There may be several or even hundreds of functions being hooked which now need to be rejigged by Eset devs. That's probably what causes the different symptoms on different computers - some expose multiple problems, some a single one, and some non at all, depending on environmental conditions and the way those machines are used.

There is no way to "troubleshoot" this stuff properly without a debugger (http://www.vistax64.com/software/219790-reading-bsod-crash-files.html)/disassembler, a fair amount of kernel-mode knowledge, and lots and lots of time and effort. Hence, it's best to just let the Eset folk do their thing. They'll presumably put out an updated version of their product once they're done re-coding.

Hope this helps :)

Help who? or what? At least it helped me to see that u are so obsessed in trying to solve the problem for the others, but you and i know why u are doing this, don't we? Just forget it and do what ur friend told u, let the Eset folk do their thing.

BTW, the problem seems to be solved with the new test updates, but sometimes there's a problem when installing Nod32, so Marcos, are u gonna release a new build soon?

@rive0108

What exactly is your point? This is only speculation and cannot see how your post would help anyone. Eset released a fix to those with test mode enabled and will release the fix for everyone within a few days. I believe a fix from the software delveloper is the kind of help the affected users need/want and Eset released that fix already. As CivilTaz already said a new installer/build is needed as well. Since your post is only speculation it might noe even be accurate so i'm not sure how that information is useful at all. This issue have to be fixed by Eset and information that could possibly be the reason for the problem won't solve anything.

{QUOTE-> I talked to a friend of mine at vistax64 who is a programmer/coder and this is what he says
About the issue, and why it may affect all systems differently, or not all all.
He suspects Eset was being naughty, and attempted to hook opaque non-API functions in the kernel that SP2 then changed.

Hope this helps :) <-QUOTE}

I found the post interesting enough to catch my attention for a minute to read it. I'll be a pint of Guinness it'll mysteriously "disappear" though. ;)

I believe rive0108 just wanted to give us in-depth "probable cause" what might be the core problem. I see no harm in his post.Maybe over-technical for most users, but not useless.

{QUOTE-> A fix for the SP2 issue problem is currently being distributed to those with "test mode" enabled in the update setup. After a couple of days, it will be distributed to other users who update from regular update servers. <-QUOTE}

thank you for letting us know

i just enabled test mode and updated. hopefully it is fixed now :)

{QUOTE-> I believe rive0108 just wanted to give us in-depth "probable cause" what might be the core problem. I see no harm in his post.Maybe over-technical for most users, but not useless. <-QUOTE}

Agreed, he gave a good insight as to what might be causing all the issues.

{QUOTE-> A fix for the SP2 issue problem is currently being distributed to those with "test mode" enabled in the update setup. After a couple of days, it will be distributed to other users who update from regular update servers. <-QUOTE}
How can this be enabled if using RA 3.x ? Can't found any option in the server.
Activation at the client should not be enough.

regards
mike

I have noticed one rather strange thing: as my laptop is password protected, during boot while in logon screen if I type my password immediately then no problems with NOD32. If I however wait at this point (HDD is doing some background activities) and login after about 2 min or something then I get "red icon". I cannot replicate this error with 100%.

Or maybe this is total bull$hit? :ouch:

Cheers,
Miki

{QUOTE-> I have noticed one rather strange thing: as my laptop is password protected, during boot while in logon screen if I type my password immediately then no problems with NOD32. If I however wait at this point (HDD is doing some background activities) and login after about 2 min or something then I get "red icon". I cannot replicate this error with 100%.

Or maybe this is total bull$hit? :ouch:

Cheers,
Miki <-QUOTE}
Does it happen with the latest update that is supposed to fix the SP2 issue as well?

no, regular 4.0.437 version. I don't use test mode.

{QUOTE-> I believe rive0108 just wanted to give us in-depth "probable cause" what might be the core problem. I see no harm in his post.Maybe over-technical for most users, but not useless. <-QUOTE}

Thanks.


[For those interested in debugging, or even gaining more insight into the individual issues at hand, here is a free MS debugger for BSOD dump files and kernel issues, and instructions on how to use it: http://www.vistax64.com/software/219790-reading-bsod-crash-files.html]

I'm pretty much sure I can replicate this "red icon" problem as I described few posts above. Does it mean it is related to those issues rive0108 posted? If Vista loads some drivers/processes before NOD32 conflict emerges?

Not that this is very scientific but, over the weekend I tried putting SP-2 onto a Vista 32 Bit business edition box which I had kicking about (it was about to be wiped so I didn't care about trashing it).

Installed SP-2 with EAV 4.0.437 running with Anti-stealth and Self-Defense both turned on....installation had no problems and I haven't had a single error, glitch, BSOD, red Eset icon or any other anomoly.

Not sure if it makes any odds but, the only thing I can think of which might explain why I haven't had any issues is that Vista has both DEP & UAC disabled and has done since Vista was first installed. Not using Test mode either before anyone asks!

~M

been couple of days now since i downloaded the updates with 0 problems, hopefully it is fixed now

Some off topic posts removed. Please post software informational posts in the software and services forum.

Hello,

Please see http://www.wilderssecurity.com/showthread.php?t=244205 for updated information.

Regards,

Aryeh Goretsky

Do I still need to leave test mode checked if I want to avoid reverting back to the old broken modules?

{QUOTE-> Do I still need to leave test mode checked if I want to avoid reverting back to the old broken modules? <-QUOTE}

It will not revert, but it is up to you if you want to uncheck the test mode box. As for me I'm leaving it checked.

TH

{QUOTE-> Do I still need to leave test mode checked if I want to avoid reverting back to the old broken modules? <-QUOTE}

I think for most users it's better to turn test mode off.

Same here, while it might help some people to have it checked and have a later version, on the other hand there is still something keeping Eset from releasing whatever component to all of us. I'd rather not risk it, and in my experience of unchecking, you go back farther than the versions of some components that were in the version you downloaded, in other words unchecking takes the firewall in .437 back to 1040, not 1046.

{QUOTE-> Same here, while it might help some people to have it checked and have a later version, on the other hand there is still something keeping Eset from releasing whatever component to all of us. I'd rather not risk it, and in my experience of unchecking, you go back farther than the versions of some components that were in the version you downloaded, in other words unchecking takes the firewall in .437 back to 1040, not 1046. <-QUOTE}

Hi. I do not have test-mode enabled. I do have the new versions of Anti-stealth and self-defense. Also I have version 1046 of Personal Firewall. So I think you can safely disable test-mode. If you always want to have the newest releases, you could leave test-mode enabled, but you work with beta-software with the risk of bugs in it. It is test-mode after all.

By the way, thanks to Eset for fixing the SP2 issue. Working great here now. One more remark: You should really check the uninstall script, because more than once I have to uninstall components (drivers) of eset after I uninstalled eset through control panel. If I don't uninstall them manually afterwards a new install might fail.

{QUOTE-> I think for most users it's better to turn test mode off. <-QUOTE}

Definately agree. Test mode seemed to becausing me problems with LAN local only connection, Reinstall without selecting test mode seemed to fix.